REMARKS 

Applicants respectfully traverse and request reconsideration. 

Applicants wish to thank the Examiner for the notice that claims 27-31 are allowed. 

Claims 1-4, 6-26 stand rejected under 35 U.S.C. §103(a) as being obvious in view of 
U.S. Patent No. 6,510,236 (Crane et al.). As a preliminary matter. Applicants note that there 
was a typographical error in the rejection as it indicated that the claims were * 'anticipated" 
however the rejection appears to be solely based on an obviousness rejection. Applicants will 
respond accordingly. 

Crane is directed to an authentication framework for managing authentication requests 
for multiple authentication devices wherein the authentication devices are for example token 
cards, biometric devices or scanners. A client unit passes to an application server a request 
for authentication. The request includes a user ID and device ID identifying a client and an 
authentication device, coupled to the client, from which authentication information comes. 
The application server determines which device authentication server the request is intended 
for and then forwards authentication data in the request to that server. If the server verifies 
that the authentication data is acceptable, a token is returned to the client. 

In contrast, Applicants claim a different method and structure. For example, as to 
claim 1, the method requires sending, by a first unit, user identification data to an 
authentication unit and then using the user identification data sent by the first unit to 
determine which destination unit will receive an authentication code to be used to 
authenticate the user. The authentication code is then sent to the determined destination unit, 
the authentication code is then returned to the authentication unit and the user can then be 
authenticated. Crane fails to describe what is alleged in the office action. For example, the 
office action states that the "application server of Figure 4" corresponds to the claimed "first 
unit". Taking, for argument sake, that the application server 12 in FIG. 4 corresponds to the 
claimed "first unit", the claimed method is not met. For example, the claim also requires 
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using, user identification data sent by the first unit, to determine which destination unit will 
receive the authentication code to be used to authenticate the user. However, the office 
action cites that the same first unit, namely the application server, is the unit that both sends 
the authentication information and receives the sent authentication information. However, 
the claim requires a unit other than the first unit to perform the claimed operation since the 
first unit does not send the information to itself. As such, this limitation is not taught or 
suggested by the cited reference as the application server 12 does not use the user 
identification data that it sent. In fact, Applicants describe in one embodiment, that an 
authentication server receives the user identification data sent by the first unit to determine 
which destination unit will receive the authentication code. Such an operation is not taught or 
suggested by the cited references. Accordingly, the claim is in condition for allowance. 
Claim 6 is allowable for similar reasons. 

Claim 10 has been rejected for the same reasons as claim 1 and also based on the 
reasons given with respect to the back channel limitations discussed with respect to claim 15. 
Applicants respectfully reassert the relevant remarks made above with respect to claim 1 and 
also note that Crane also fails to render claim 15 obvious since the cited portion of Crane 
does not refer to using a primary wireless channel in combination with a wireless back 
channel as claimed. To the contrary, column 1, lines 25-39 and column 6, lines 1-14 are 
silent as to the use of any back channel and in fact, column 1, lines 25-39 actually refer to the 
primary communication channel. The portion cited in column 6, lines 1-14 only refer to 
different authentication device types and does not mention anything about a wireless back 
channel or use of primary channel in combination therewith. As such, Applicants 
respectfully submit that the claim is in condition for allowance. 

As to claim 15, Applicants respectfully reassert the relevant remarks made above with 
respect to claim 10. 
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Claims 17 and 21 are allowable at least for the same reasons given above with respect 
to the other corresponding independent claims and as such, Applicants respectfully submit 
that these claims are also in condition for allowance. 

Among other advantages, some of the claims provide different levels of authentication 
and may utilize an alternate channel, such as a back channel during a session to provide 
authentication information in addition to user ID and/or password information to provide 
multi-factor authentication. If desired, the authentication code may be sent to a third unit as 
owned by a user to improve the authentication process and so only the user owns the third 
device. In addition, an authentication code may be sent via a different channel than the 
channel used to send the password information. Other distinctions and advantages will be 
apparent depending upon the differing claim language. 

Accordingly, Applicants respectfully request that a timely Notice of Allowance be 
issued in this case. The Examiner is invited to contact the below-listed attorney if the 
Examiner believes that a telephone conference will advance the prosecution of this 
application. 



Vedder, Price, Kaufman & Kammholz, P.C. 
222 N. LaSalle Street 
Chicago, Illinois 60601 
PHONE: (312)609-7599 
FAX: (312)609-5005 



Respectfully submitted, 



Date: June 13, 2005 




Christopher J. Reckamp 
Registration No. 34,414 
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